/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
A webshell and a normal file that have the same MD5
(github.com)
98 points
shlomo_z
| 1 comments |
21 Sep 25 05:52 UTC
|
HN request time: 0s
|
source
Show context
andreareina
◴[
21 Sep 25 05:59 UTC
]
No.
45320414
[source]
▶
>>45320382 (OP)
#
The normal file doesn't look that normal
replies(1):
>>45356511
#
o11c
◴[
24 Sep 25 05:08 UTC
]
No.
45356511
[source]
▶
>>45320414
#
Keep in mind that the stated use is cache-poisoning of automated scanners, not fooling humans.
replies(1):
>>45357770
#
slow_typist
◴[
24 Sep 25 08:35 UTC
]
No.
45357770
[source]
▶
>>45356511
#
Humans have to put the so called php-file on the server intentionally for any subsequent attack to work. But it is a binary file.
replies(1):
>>45357920
#
h33t-l4x0r
◴[
24 Sep 25 09:05 UTC
]
No.
45357920
{3}
[source]
▶
>>45357770
#
I imagine it's supposed to get onto the server by an exploited vulnerable image upload plugin
replies(1):
>>45359406
#
1.
slow_typist
◴[
24 Sep 25 12:34 UTC
]
No.
45359406
{4}
[source]
▶
>>45357920
#
Maybe I don’t understand the scenario fully, but under your assumption there is no need to inject the malicious webshell later.
ID:
GO
↑